Settings for Main office | D-Link DFL-200 specs

Settings for Main office

1.Setup interfaces, System->Interfaces: WAN IP:193.0.2.20

LAN IP: 192.168.1.1, Subnet mask: 255.255.255.0

2.Setup L2TP server, Firewall->VPN:

Under L2TP / PPTP Server click Add new L2TP server

Name the server l2tpServer

Leave Outer IP and Inner IP blank

Set client IP pool to 192.168.1.100 – 192.168.1.199

Check Proxy ARP dynamically added routes

Check Use unit’s own DNS relayer addresses

Leave WINS settings blank

Under authentication MSCHAPv2 should be the only checked option Under MPPE encryption None should be the only checked option Check the Use IPsec encryption box

Enter the pre-shared key, 1234567890, and retype same pre-shared key Click Apply

3.Setup policies for the new tunnel, Firewall->Policy:Click Global policy parameters

Enable Allow all VPN traffic: internal->VPN, VPN->internal and VPN->VPN Click Apply

4.Set up authentication source, Firewall->Users:

Select Local database

Click Apply

5.Add a new user, Firewall->Users:

Under Users in local database click Add new

Name the new user HomeUser

Enter password: 1234567890

Retype password: 1234567890

Image 113

D-Link DFL-200 manual Settings for Main office

Contents

Link DFL-200 Contents VPN Servers 111 125 122 Access Control supported Features and BenefitsIntroduction Introduction to Firewalls Introduction to Local Area Networking Physical Connections LEDs System Requirements Package Contents Managing D-Link DFL-200 Resetting the DFL-200 Administrative Access Administration Settings Add Admin access to an interface Add ping access to an interface Enable Snmp access to an interface Add Read-only access to an interface Change IP of the LAN or DMZ interface SystemInterfaces IP Address The IP address of the WAN interface. This is WAN Interface Settings Using Static IPWAN Interface Settings Using Dhcp Password WAN Interface Settings Using PPPoE WAN Interface Settings Using Pptp Password The password supplied to you by your ISP WAN Interface Settings Using BigPondMTU Configuration Routing Go to System and Routing Add a new Static RouteRemove a Static Route Logging Enable E-mail alerting for ISD/IDP events Enable LoggingEnable Audit Logging Page Time Setting time and date manually Using NTP to sync timeChanging time zone Checking the Set the system time box Policy FirewallPolicy modes Action Types Schedule Service FilterSource and Destination Filter Add a new policy Intrusion Detection / Prevention Enable the Delete policy checkbox Configure Intrusion DetectionEnable the Intrusion Detection / Prevention checkbox Change order of policy Configure Intrusion Prevention Add a new mapping Port mapping / Virtual Servers Delete mapping Enable the Delete mapping checkbox DFL-200 Radius Support Users Enable Radius Support Enable User Authentication via Http / Https Add User Change User PasswordEnable the Change password checkbox Delete User Enable the Delete user checkbox Add new recurring schedule Schedules Adding TCP, UDP or TCP/UDP Service Services Adding IP Protocol Grouping Services Protocol-independent settings Introduction to IPSec VPN Point-to-Point Protocol Introduction to PptpIntroduction to L2TP MPPE, Microsoft Point-To-Point Encryption Authentication Protocols L2TP/PPTP Clients Authentication protocol L2TP/PPTP Servers Authentication Protocol Introduction chapter Mppe encryption Creating a LAN-to-LAN IPSec VPN Tunnel VPN between two networks Creating a Roaming Users IPSec VPN Tunnel VPN between client and an internal network Adding a L2TP/PPTP VPN Server Adding a L2TP/PPTP VPN Client VPN Advanced Settings IPSec Proposal List Proposal ListsIKE Proposal List Trusting Certificates CertificatesLocal identities Certificates of remote peers Identities Active content handling Content Filtering Edit the URL Global Whitelist Edit the URL Global Blacklist Active content handling Servers Dhcp Server Settings Enable Dhcp Relay Enable Dhcp ServerDisable Dhcp Server/Relayer Enable by checking the Use built-in Dhcp Server box Enable by checking the Enable DNS Relayer box DNS Relayer SettingsEnable DNS Relayer Disable DNS Relayer Ping Tools Ping Example Add Dynamic DNS SettingsDynamic DNS Restoring the DFL-200’s Configuration BackupExporting the DFL-200’s Configuration Restarting the DFL-200 Restart/Reset Restoring system settings to factory defaults Page Upgrade IDS Signature-database UpgradeUpgrade Firmware CPU Load StatusSystem Interfaces VPN Click Connections below it. a window will Connections Dhcp Server Logging Usage events How to read the logsDrop events Conn events Close Example Open Example Step by step guides LAN IP 192.168.4.1, Subnet mask LAN-to-LAN VPN using IPsec Remote Net 192.168.1.0/24 Enable Automatically add a route for the remote network Local net 192.168.1.0/24 LAN IP 192.168.1.1, Subnet mask Remote Net 192.168.4.0/24 LAN-to-LAN VPN using Pptp Username BranchOffice Click Global policy parameters Settings for Main office Page Under Users in local database click Add new Select Local databasePage LAN-to-LAN VPN using L2TP Username BranchOffice Check Use IPsec encryption Setup interfaces, System-Interfaces WAN IP193.0.2.20 Page Select Local database Under Users in local database click Add new More secure LAN-to-LAN VPN solution Page Page Settings for Main office Windows XP client and Pptp server Settings for the Windows XP client Select Connect to the network at my workplace and click Next Select Virtual Private Network connection and click Next Name the connection MainOffice and click Next 104 Select Do not dial the initial connection and click Next Page Click Properties Page Name the new user HomeUser Enter password Retype password Page Windows XP client and L2TP server 112 Settings for Main office Page Content filtering Select HTTP/HTML Content Filtering in the ALG dropdown Firewall-ServicesPage Page Intrusion detection and prevention Page Check Enable E-mail alerting for IDS/IDP events Appendix a Icmp Types and Codes AppendixesPage ESP Appendix B Common IP Protocol Numbers Limited Warranty What Is Not Covered Wichtige Sicherheitshinweise Warnung CE Mark WarningAdvertencia de Marca de la CE Attenzione Vcci Warning Offices Singapore D-LINK International 132